kopia lustrzana https://github.com/collective/icalendar
Merge branch 'collective:master' into feat/oss-fuzz-integration
commit
0d4b58918a
|
@ -2,35 +2,42 @@ name: CIFuzz
|
|||
on: [pull_request]
|
||||
permissions: {}
|
||||
jobs:
|
||||
Fuzzing:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
security-events: write
|
||||
steps:
|
||||
- name: Build Fuzzers
|
||||
id: build
|
||||
uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
|
||||
with:
|
||||
oss-fuzz-project-name: 'icalendar'
|
||||
language: python
|
||||
- name: Run Fuzzers
|
||||
uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
|
||||
with:
|
||||
oss-fuzz-project-name: 'icalendar'
|
||||
language: python
|
||||
fuzz-seconds: 600
|
||||
output-sarif: true
|
||||
- name: Upload Crash
|
||||
uses: actions/upload-artifact@v3
|
||||
if: failure() && steps.build.outcome == 'success'
|
||||
with:
|
||||
name: artifacts
|
||||
path: ./out/artifacts
|
||||
- name: Upload Sarif
|
||||
if: always() && steps.build.outcome == 'success'
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
# Path to SARIF file relative to the root of the repository
|
||||
sarif_file: cifuzz-sarif/results.sarif
|
||||
checkout_path: cifuzz-sarif
|
||||
Fuzzing:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
security-events: write
|
||||
steps:
|
||||
- name: Build Fuzzers
|
||||
id: build
|
||||
uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
|
||||
with:
|
||||
oss-fuzz-project-name: 'icalendar'
|
||||
language: python
|
||||
- name: Run Fuzzers
|
||||
uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
|
||||
with:
|
||||
oss-fuzz-project-name: 'icalendar'
|
||||
language: python
|
||||
fuzz-seconds: 600
|
||||
output-sarif: true
|
||||
- name: Upload Crash
|
||||
uses: actions/upload-artifact@v3
|
||||
if: failure() && steps.build.outcome == 'success'
|
||||
with:
|
||||
name: artifacts
|
||||
path: ./out/artifacts
|
||||
- name: Upload Sarif
|
||||
if: always() && steps.build.outcome == 'success'
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
# Path to SARIF file relative to the root of the repository
|
||||
sarif_file: cifuzz-sarif/results.sarif
|
||||
checkout_path: cifuzz-sarif
|
||||
|
||||
check-distribution:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Do not include Apache files in the distribution.
|
||||
run: |
|
||||
src/icalendar/tests/test_create_release.sh
|
||||
|
|
|
@ -111,19 +111,19 @@ jobs:
|
|||
twine check dist/*
|
||||
twine upload dist/*
|
||||
|
||||
deploy-github-release:
|
||||
# only deploy on tags, see https://stackoverflow.com/a/58478262/1320237
|
||||
if: startsWith(github.ref, 'refs/tags/v')
|
||||
needs:
|
||||
- run-tests
|
||||
runs-on: ubuntu-latest
|
||||
environment:
|
||||
name: github-release
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: create release
|
||||
uses: elgohr/Github-Release-Action@v4
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
|
||||
with:
|
||||
title: ${{ github.ref_name }}
|
||||
deploy-github-release:
|
||||
# only deploy on tags, see https://stackoverflow.com/a/58478262/1320237
|
||||
if: startsWith(github.ref, 'refs/tags/v')
|
||||
needs:
|
||||
- run-tests
|
||||
runs-on: ubuntu-latest
|
||||
environment:
|
||||
name: github-release
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: create release
|
||||
uses: elgohr/Github-Release-Action@v4
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
|
||||
with:
|
||||
title: ${{ github.ref_name }}
|
||||
|
|
|
@ -2,3 +2,4 @@ include *.rst tox.ini
|
|||
graft docs
|
||||
recursive-include src/icalendar *
|
||||
recursive-exclude src/icalendar *.pyc *~
|
||||
recursive-exclude src/icalendar/fuzzing *.py *.sh
|
||||
|
|
2
setup.py
2
setup.py
|
@ -52,7 +52,7 @@ setuptools.setup(
|
|||
author_email='plone-developers@lists.sourceforge.net',
|
||||
url='https://github.com/collective/icalendar',
|
||||
license='BSD',
|
||||
packages=setuptools.find_namespace_packages('src'),
|
||||
packages=setuptools.find_namespace_packages('src', exclude=["icalendar.fuzzing"]),
|
||||
package_dir={'': 'src'},
|
||||
include_package_data=True,
|
||||
zip_safe=False,
|
||||
|
|
|
@ -0,0 +1,24 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# Create a release file and test it.
|
||||
#
|
||||
|
||||
set -e
|
||||
cd "`dirname \"$0\"`"
|
||||
cd "../../.."
|
||||
|
||||
python3 setup.py sdist
|
||||
archive=`echo dist/icalendar-*.tar.gz`
|
||||
|
||||
if ! [ -f "$archive" ]; then
|
||||
echo "ERROR: Cannot find distribution archive '$archive'."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if tar -tf "$archive" | grep 'fuzzing/'; then
|
||||
echo "ERROR: Fuzzing files are included in the release."
|
||||
echo " See https://github.com/collective/icalendar/pull/569"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Checks passed."
|
Ładowanie…
Reference in New Issue